r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5632
Expires: Sat, 03 Dec 2022 05:48:37 GMT
Date: Sat, 03 Dec 2022 04:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4498
Expires: Sat, 03 Dec 2022 05:29:43 GMT
Date: Sat, 03 Dec 2022 04:14:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1369
Cache-Control: max-age=110359
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:45 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:54:04 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YEhVgwVi86mLj/2Aj147VXKqLQmDAH0yqvkEKsxA/NBjR13Nx7TA2igZZSZiZz535bky/sasTtqpseEClI0mHQ==
x-amz-request-id: RHY7WWE3TB2E9AG7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:25 GMT
age: 1700
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 03:19:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3287
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1603b3db3b65066c02b9ad9a194fbb0
385da2a8d21b6a9cb4d421d3868d8984f76877fa
3ecac5c805e953110bfbe2854ca9205fb01fcb12f50b77e5e33c5101b0474b5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECAC5C805E953110BFBE2854CA9205FB01FCB12F50B77E5E33C5101B0474B5F"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3908
Expires: Sat, 03 Dec 2022 05:19:53 GMT
Date: Sat, 03 Dec 2022 04:14:45 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 04:14:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
91.223.82.61200 OK 20 kB URL HTTP/1.1 gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Hash 522a22adb5a3da271f5349b3706c850c
7197afa445715299f2e645fe080c5e02b53cf643
d61f21e06c8a3e32e1e92451497b3381810032efc48598a0e8c5bcdd4aea5595
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
quad9 Sinkholed
GET /app/1330123889/pubg-90-uc-game-hack HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip
gaminghelper.co/css/bootstrap.min.css
91.223.82.61200 OK 20 kB URL HTTP/1.1 gaminghelper.co/css/bootstrap.min.css
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (65371)
Hash 3f142cfc2d7123b31a1e696e0591f27a
834192dbadf2713cd2ff89f50d7ec2f1d4782e54
3421e2383a7c02f24509d2f1294d3099b658d0773f97706b87b832b0b770c0b6
Analyzer Verdict Alert quad9 Sinkholed
GET /css/bootstrap.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-1d9bb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/sweetalert2.min.css
91.223.82.61200 OK 2.7 kB URL HTTP/1.1 gaminghelper.co/css/sweetalert2.min.css
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (13987), with no line terminators
Hash 1cfac88a4a8e1bc20b811757fb028b40
10427c064f703342d031411a3310e2a5ef2083bc
53976df2ad3ce0c0f2632bb620bbb02d930a5eb943298170e97189f029a0d70d
Analyzer Verdict Alert quad9 Sinkholed
GET /css/sweetalert2.min.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c106-36a3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/js/jquery.countTo.js
91.223.82.61200 OK 1.1 kB URL HTTP/1.1 gaminghelper.co/js/jquery.countTo.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash 547f5246e091d19af521dee35588e468
4772f3c1e62865ccbbab04abd39e69510c8f5843
67880d8532d95db3e74b7da985ca2fe7c9d9660e3dd125202cebcda96a2007e2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.countTo.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b3-eb1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/animate.css
91.223.82.61200 OK 4.0 kB URL HTTP/1.1 gaminghelper.co/css/animate.css
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash 48bc9b81bca18c06ba937cbb880b4cb3
697313edfad185bcca5c7bde18da4a98f93e3adb
b30b4d8565f9af6c8d2cb3839aa09dbccd60ca1a766465d542debade38f45741
Analyzer Verdict Alert quad9 Sinkholed
GET /css/animate.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c104-10cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/css/magnific-popup.css
91.223.82.61200 OK 2.0 kB URL HTTP/1.1 gaminghelper.co/css/magnific-popup.css
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash c0275239cb960b014d780d8105b44d72
8db83ac790988232549a3740ecf04fc199da1ce8
211b79363793093a7a2f1d342768844e938e88156b62293093185a6500ead1cf
Analyzer Verdict Alert quad9 Sinkholed
GET /css/magnific-popup.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-1f0a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 16:58:49 GMT
expires: Sun, 26 Nov 2023 16:58:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 558957
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gaminghelper.co/css/fancySelect.css
91.223.82.61200 OK 1.0 kB URL HTTP/1.1 gaminghelper.co/css/fancySelect.css
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash 458a1a06f282aa4c457a8b613d6a38e6
b524e1cb32722230e18bc85f414b9a10e43a7e2d
3f41176d4616a36f4325865bb3c0ea652f3616dec60b31bd923df91f600506b2
Analyzer Verdict Alert quad9 Sinkholed
GET /css/fancySelect.css HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Sep 2021 06:30:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c105-109d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/sweetalert2.min.js
91.223.82.61200 OK 6.5 kB URL HTTP/1.1 gaminghelper.co/js/sweetalert2.min.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (20305), with no line terminators
Hash b238ef007e57c4c8f9447cba68fdb3a2
2d4ca455aca3fcd8ee7ac2e2883cfa89c87bd532
aeafa1e7bb6a973eac2b4f5462844b1c2d64d53eb2e09e75f265e646320f7080
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/sweetalert2.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-4f51"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/validator.min.js
91.223.82.61200 OK 2.1 kB URL HTTP/1.1 gaminghelper.co/js/validator.min.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (5862)
Hash 1ab13fa2eeca5d16de99a1cad839416c
0d0a95bd88d04b02d89e1162dd3ebb20b5543dd8
56b8d7fb44f86809b49d416022455ac170fb0b79d1ab4b6e5192a046e660f667
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/validator.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b9-17a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/com.js
91.223.82.61200 OK 3.3 kB URL HTTP/1.1 gaminghelper.co/js/com.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type C source, Unicode text, UTF-8 text, with very long lines (2456)
Hash ecf323c878106fa274f5e9f3b3a82437
86b15826e8a83c81da7ef264dd8e3ff59ef5c1bf
28babf5e232e3dc0985bab21a28eea25b17bc078bafc92a6ba049eefb1e45720
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/com.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-461a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/fancySelect.js
91.223.82.61200 OK 1.7 kB URL HTTP/1.1 gaminghelper.co/js/fancySelect.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash a60791b5b353371813114e815d946494
69d1f371b0ed899641e640b2649c0914302812bd
5d19375a0386f8ea11115e3145c61105cfa1daca00d15ad54b49c84967f518d0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/fancySelect.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:45 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-1a7a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
gaminghelper.co/js/form-scripts.js
91.223.82.61200 OK 609 B URL HTTP/1.1 gaminghelper.co/js/form-scripts.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash 4fb85eb3b2f0dd8b8f5953c58236da3e
1c9f6c7a15a3248147e056672ffbf4fdbaed6718
3dd0f5e5567c73519dc3eeb98ba6fef9d2b2982af24544ba3d7bbc684d6bae6c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/form-scripts.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b2-5bd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 90b4caf4c10d4aedbbf15a03650df1f8
f2da7656691c4bc1238df9c60f4439dde08541dc
2c67636d085bb985e6cc0a524aeb26d2a8d1f574d538e394349d2196587e1219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1278
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Last-Modified: Sat, 03 Dec 2022 03:53:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/js/jquery.magnific-popup.min.js
91.223.82.61200 OK 7.7 kB URL HTTP/1.1 gaminghelper.co/js/jquery.magnific-popup.min.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (21014)
Hash 12a9a563724e70a895de0fbd5f7b4ee5
a14c616f532deb9ca2d5fa0de6124d47ea60ab57
f2e1cd5f2953925591288bd1cc3f167bbd392497476119083458e33e9ab87079
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b6-5297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/js/sticky.js
91.223.82.61200 OK 0 B URL HTTP/1.1 gaminghelper.co/js/sticky.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/sticky.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Fri, 03 Sep 2021 06:33:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c1b8-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
142.250.74.106200 OK 52 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (563)
Hash d3908721b39ebbeffaf1c917bbda06e8
0f9b6c6bdad9cfc057f3e85f52cc417370959fb9
4ae100977cea8b9965e5d231f3ae655783b4f163c56ee703953aff937525ed37
GET /ajax/libs/jqueryui/1.8.13/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 51711
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 04:04:31 GMT
expires: Tue, 28 Nov 2023 04:04:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 432615
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 90b4caf4c10d4aedbbf15a03650df1f8
f2da7656691c4bc1238df9c60f4439dde08541dc
2c67636d085bb985e6cc0a524aeb26d2a8d1f574d538e394349d2196587e1219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1278
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Last-Modified: Sat, 03 Dec 2022 03:53:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/js/main.js
91.223.82.61200 OK 15 kB URL HTTP/1.1 gaminghelper.co/js/main.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (16162)
Hash 562dc83f2f14b713905fe69a0994e11d
43cd616f9ea8c8c1eb0edccd54a29e2490fcf90a
745ecf708bc71ba73f7071b8a35c3f639ec7f3e05ceb826458a1b6a8fb4fe782
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/main.js HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Sep 2021 06:33:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6131c1b7-a08b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 348
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69861b5e0e92521a872e6dd3e443b697
4e9c0deb298621afade2b9992e4e3626225bc343
50ae2f5380322a3bf2e91af82e9ca1e878249f47d050ff28a2d1d80a32f5ce7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50AE2F5380322A3BF2E91AF82E9CA1E878249F47D050FF28A2D1D80A32F5CE7A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5602
Expires: Sat, 03 Dec 2022 05:48:08 GMT
Date: Sat, 03 Dec 2022 04:14:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ea593a5e9acaa7a951696619883f0b5a
0184efb78e8028813b366cf9b64195d8774ce3c7
891992eb7cc4a5e32e25886f6eae9b6d5c1ded12a4389272c80a07df528a40c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4983
Cache-Control: max-age=136298
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Etag: "638a2b29-1d7"
Expires: Sun, 04 Dec 2022 18:06:24 GMT
Last-Modified: Fri, 02 Dec 2022 16:43:21 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
is3-ssl.mzstatic.com/image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg
184.24.44.26200 OK 12 kB URL HTTP/2 is3-ssl.mzstatic.com/image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg
IP 184.24.44.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 150x150, components 3\012- data
Hash d04e1a439a4c608e95c7c7abbef2d2d9
696197deeceb113114269ca683f61c4112af3656
8ec6e2a4f85bd90fc1262f28db4c81378afe66d2209987f3f2e42654e88e94bd
GET /image/thumb/Purple122/v4/fe/f4/d9/fef4d9cb-8982-7df3-5e32-8e739cd9bb9d/AppIcon-1x_U007emarketing-0-0-GLES2_U002c0-512MB-sRGB-0-0-0-85-220-0-0-0-8.png/150x150bb.jpg HTTP/1.1
Host: is3-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 12072
x-apple-jingle-correlation-key: BJQQ6546FAR5DTAKRUS33NWOPA
x-apple-request-uuid: 0a610f77-9e28-23d1-cc0a-8d25bdb6ce78
b3: 0a610f779e2823d1cc0a8d25bdb6ce78-f21dfc07c65d9cf4
x-b3-spanid: f21dfc07c65d9cf4
x-b3-parentspanid: 1dfa0c1cbc2b69a8
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 17 Nov 2022 01:47:12 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY4NjQ5NjMyNDA2LGlzQnVpbGRWZXJzaW9uTm90U2V0LDc2YWFjMGYwLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
x-b3-traceid: 81236f67caff38d6
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE148:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 554c5fe5-493d-428f-a3fb-c9289cbb2515-4532806631
cache-control: no-transform, max-age=13983775
date: Sat, 03 Dec 2022 04:14:46 GMT
x-cache: TCP_HIT from a95-101-11-174.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
X-Firefox-Spdy: h2
gaminghelper.co/img/nbacash2.png
91.223.82.61200 OK 2.3 kB URL HTTP/1.1 gaminghelper.co/img/nbacash2.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 65716506074de00f1059977305013999
6cfae93ba1f8691d07a629a76d12c78173155b46
55fd8d4b5137df77e5c67c4d83ec123a8db2887cf3b58229e07b45568e091829
Analyzer Verdict Alert quad9 Sinkholed
GET /img/nbacash2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 2338
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-922"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1356
Cache-Control: max-age=105283
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:29:29 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
gaminghelper.co/img/coins2.png
91.223.82.61200 OK 2.1 kB URL HTTP/1.1 gaminghelper.co/img/coins2.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 31 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash de49d679ea1686fa64881f10c0062904
b807f2d9ebb16f59714747732cdcd6944f43c8fe
be338b834d7a7c5b29dbe49c41f50dd84c58f29f651834f46cce86c0fb74ef40
Analyzer Verdict Alert quad9 Sinkholed
GET /img/coins2.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 2061
Last-Modified: Fri, 03 Sep 2021 06:31:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c134-80d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/main-bg.jpg
91.223.82.61200 OK 9.4 kB URL HTTP/1.1 gaminghelper.co/img/main-bg.jpg
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash d93b1723b2a2723d48696c5a6cae3b7e
6f69bdc7079dd114f6fc816c5098f80b58c7b794
efbff382982bb66a918e5412741a23a309c6f4ca4e9820e65e67f659767765d6
Analyzer Verdict Alert quad9 Sinkholed
GET /img/main-bg.jpg HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/jpeg
Content-Length: 9365
Last-Modified: Fri, 03 Sep 2021 06:31:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c143-2495"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
i0.wp.com/enigmanetwork.net/dmca.png
192.0.77.2200 OK 668 B URL HTTP/2 i0.wp.com/enigmanetwork.net/dmca.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fa302d465f15a34e8264bc761a6902aa
2c73911e3cfcf82860d1d59a0ccd2625ae98fffb
0cbddd5e01b49d35d16b15fc54a481a17a0f2803c2da6807800428139dd50f7f
GET /enigmanetwork.net/dmca.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 04:14:46 GMT
content-type: image/webp
content-length: 668
last-modified: Thu, 04 Aug 2022 17:20:08 GMT
expires: Sun, 04 Aug 2024 05:20:08 GMT
cache-control: public, max-age=63115200
link: <http://enigmanetwork.net/dmca.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a264775a6858f15f"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
gaminghelper.co/img/pr-l.png
91.223.82.61200 OK 7.5 kB URL HTTP/1.1 gaminghelper.co/img/pr-l.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 91d0b1f8f5b7685478ff0d1f461fa658
7e457376b687add741a5d6cea2713dc4ef37efbc
37e1b903b1a3b99f70dd9b463948bbaed162d7f3cc957dbc5084f0c523b9ec0d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/pr-l.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 7453
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-1d1d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/pr-r.png
91.223.82.61200 OK 11 kB URL HTTP/1.1 gaminghelper.co/img/pr-r.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 284e10ee335890399e8f772c430570a9
188bf895905cee7d579aad2b6b5cdf795741f9cd
e88b54e0aa65055cb25657c0ed283b4d768a79770980c27f424886a48fa046ef
Analyzer Verdict Alert quad9 Sinkholed
GET /img/pr-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 11003
Last-Modified: Fri, 03 Sep 2021 06:31:41 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c14d-2afb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/panel-overlay.png
91.223.82.61200 OK 3.1 kB URL HTTP/1.1 gaminghelper.co/img/panel-overlay.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 960 x 661, 4-bit colormap, non-interlaced\012- data
Hash 2b026d93f79b384005e4252c80701791
87804a0d83d2e745b31526c8b60d026abecbe73a
b7a5d35c1c7be1953002244f054a14f38ed11912ad52d25a8e963774f7f52e0e
Analyzer Verdict Alert quad9 Sinkholed
GET /img/panel-overlay.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 3116
Last-Modified: Fri, 03 Sep 2021 06:31:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c146-c2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/smallbtnbg.png
91.223.82.61200 OK 1.4 kB URL HTTP/1.1 gaminghelper.co/img/smallbtnbg.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Hash 92b84c143879abe85792a3408ae4845d
1f8e983f7514d582e81cfee98ad8bb40ced26972
dcf687cc9a059bc7a036faf3a86c50103d04e1fdca867deb7553ec9136719f0d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/smallbtnbg.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 1405
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-57d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/smallbtnbg-r.png
91.223.82.61200 OK 1.4 kB URL HTTP/1.1 gaminghelper.co/img/smallbtnbg-r.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 100 x 150, 8-bit colormap, non-interlaced\012- data
Hash bdfffd47e30bf7d045d45f0125a33164
5834aea23f79a1ddccea3825bd51249307435c5f
0f61dff49d41fddbcc21de3dd4f1a62006f366083361d725bfd92ccf87212067
Analyzer Verdict Alert quad9 Sinkholed
GET /img/smallbtnbg-r.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 1393
Last-Modified: Fri, 03 Sep 2021 06:31:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c154-571"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/button-dot.png
91.223.82.61200 OK 672 B URL HTTP/1.1 gaminghelper.co/img/button-dot.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 15 x 15, 8-bit colormap, non-interlaced\012- data
Hash 478aefab2e280b16b0372e607414d3c2
710f5aaa706ec23cbf45006d7c1d25be76b4fa64
a651e77df132fc0c4dbccb7c56f84923c28dcb159f4b7a112bde8bbc548632bc
Analyzer Verdict Alert quad9 Sinkholed
GET /img/button-dot.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 672
Last-Modified: Fri, 03 Sep 2021 06:31:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c132-2a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
104.18.10.207200 OK 67 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 04:14:46 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 01a7855f8e506f206da6f49f4cf8f10f
cdn-cache: HIT
cf-cache-status: HIT
age: 74128
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77397a34ad710b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gaminghelper.co/fonts/bebasneue_bold-webfont.html
91.223.82.61200 OK 15 kB URL HTTP/1.1 gaminghelper.co/fonts/bebasneue_bold-webfont.html
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type Web Open Font Format (Version 2), TrueType, length 15216, version 1.197\012- data
Hash 772fc6a0795e2498a1715526dd95ac22
d410a8da10385a0ef11a74e69644493b99315fc3
13c03e5c6b49e447770ba4d0aee22d4aedbeed87e94f54fdcaf990934c109830
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fonts/bebasneue_bold-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: text/html
Content-Length: 15216
Last-Modified: Fri, 03 Sep 2021 06:30:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c118-3b70"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/btn-img.png
91.223.82.61200 OK 1.3 kB URL HTTP/1.1 gaminghelper.co/img/btn-img.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 150 x 100, 8-bit colormap, non-interlaced\012- data
Hash 817cb08a965fe5bf8debba11091e94c0
214d58c18bcbcfebd1606554929e9bc5f65755c6
e7e359cb00b793c60c192fb1dbffa401806d99267e9b55d8bc9ce3c8260568ae
Analyzer Verdict Alert quad9 Sinkholed
GET /img/btn-img.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 1335
Last-Modified: Fri, 03 Sep 2021 06:31:13 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c131-537"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/fonts/et-line.woff
91.223.82.61200 OK 55 kB URL HTTP/1.1 gaminghelper.co/fonts/et-line.woff
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type Web Open Font Format, CFF, length 55220, version 1.0\012- data
Hash b01ff252761958325faab1535c90c87f
d33413e7bc42acc8837cc9030ca45d29c1ccf0c6
19d2f43d546ada73dd083f7778aa4a5cac1a8e7a3af56efccae580fce07a5e1c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fonts/et-line.woff HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: font/woff
Content-Length: 55220
Last-Modified: Fri, 03 Sep 2021 06:30:56 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c120-d7b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/fonts/bebasneue_regular-webfont.html
91.223.82.61200 OK 16 kB URL HTTP/1.1 gaminghelper.co/fonts/bebasneue_regular-webfont.html
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.197\012- data
Hash af83f1b88fb4654673e9c841bd22a8c7
61e5a340ea87431211d732024f2703dca5b80cbc
bee0bcc11701aea746fd8b734379ba5e003a034460bfd71d88dc364b4d939be6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fonts/bebasneue_regular-webfont.html HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gaminghelper.co/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: text/html
Content-Length: 15948
Last-Modified: Fri, 03 Sep 2021 06:30:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: "6131c11b-3e4c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
translate.googleapis.com/translate_static/css/translateelement.css
216.58.207.234200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 216.58.207.234:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 03:51:24 GMT
expires: Sat, 03 Dec 2022 04:51:24 GMT
cache-control: public, max-age=3600
age: 1402
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gaminghelper.co/close.png
91.223.82.61200 OK 4.9 kB URL HTTP/1.1 gaminghelper.co/close.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash fb5d414fccc35f19fde0f30a8c98139b
4b4a030923039e56efdad2c2d97f0a74d2c74657
a967335d601fb662b5723f1181b3d07f25811d2ca26131598c48482b9935217b
Analyzer Verdict Alert quad9 Sinkholed
GET /close.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: image/png
Content-Length: 4878
Last-Modified: Fri, 03 Sep 2021 06:30:21 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c0fd-130e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.10.207200 OK 8.4 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (27303)
Hash 41d044acd2aaf309f3b4854bc13fe675
f562ab80dc9b4c7b81613473b31cc57824c6af89
a1e18f8bd5c96e92d7d20768fd4fce9d69d090bc26855d385d6c9012d896dbb1
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 04:14:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15485134
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77397a321b74b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 379325
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XD8zjRBbHLn4Zm38cgrduw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A4MXL6jmCVfRSC7a3d5STPIGjBk=
gaminghelper.co/app/1330123889/img/favicon-16x16.png
91.223.82.61200 OK 20 kB URL HTTP/1.1 gaminghelper.co/app/1330123889/img/favicon-16x16.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14923)
Hash 522a22adb5a3da271f5349b3706c850c
7197afa445715299f2e645fe080c5e02b53cf643
d61f21e06c8a3e32e1e92451497b3381810032efc48598a0e8c5bcdd4aea5595
Analyzer Verdict Alert quad9 Sinkholed
GET /app/1330123889/img/favicon-16x16.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.8RC1
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eac21c018b331c380a594610bc4d25ad
6b3a72c908edc11e5e389bbc0bb768fb2757adbe
8315de5b82f2596de9c7f2d790853d2026f842d1c024647e71e64b4b00973256
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8315DE5B82F2596DE9C7F2D790853D2026F842D1C024647E71E64B4B00973256"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9716
Expires: Sat, 03 Dec 2022 06:56:42 GMT
Date: Sat, 03 Dec 2022 04:14:46 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 04:05:21 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 305890045
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a3d1ad15d68a9f175ab0bda4461cd802
0fcc76c62586aa7172eafb7573baa4f01aff39f6
207cc762b49e7fe9f682ebac91a325cd34bf9989221a3099b713c6173eec342b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "207CC762B49E7FE9F682EBAC91A325CD34BF9989221A3099B713C6173EEC342B"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15015
Expires: Sat, 03 Dec 2022 08:25:01 GMT
Date: Sat, 03 Dec 2022 04:14:46 GMT
Connection: keep-alive
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
216.58.211.3200 OK 1.6 kB URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
IP 216.58.211.3:0
File type PNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a931d597decd2553aac6634b766cf2
6ec84fb4a2745b4b71520241be77db1fd1013830
f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e
GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1597
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:47 GMT
expires: Wed, 29 Nov 2023 15:42:47 GMT
cache-control: public, max-age=31536000
age: 304319
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 04:14:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
216.58.207.228200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Sat, 03 Dec 2022 04:14:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.enigmacdn.com/matomo.js
91.223.82.61200 OK 20 kB URL HTTP/1.1 track.enigmacdn.com/matomo.js
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type ASCII text, with very long lines (1404)
Hash 8cd72e4f9c8225acdd40bf7dc2406e19
0cd39b8143536dfb54d1224e502ccc6567081204
f7a1fe5cff057b3d4c769d456085425932f39e43050ba4ff77fd9e0a66b57881
GET /matomo.js HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:46 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 May 2021 02:21:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"60adb0af-f330"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670040884930&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38842683&@b3:1670040885&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&@w
149.56.240.130200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670040884930&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38842683&@b3:1670040885&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&@w
IP 149.56.240.130:0
File type ASCII text, with no line terminators
Hash 98bc08b0d2e9412ae42a710f152b1200
1d4ed597f202664047794c5a97a303f2497a7ede
29a556609f3ab4e37258d620c33db4d0596ed4ce167b65669a033b8cd193ac39
GET /stats/0.php?4515739&@f16&@g1&@h1&@i1&@j1670040884930&@k0&@l1&@mPUBG%20MOBILE%20Generator%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:38842683&@b3:1670040885&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 04:14:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18284
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 04:14:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18284
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 04:14:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18284
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 04:14:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18284
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 04:14:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fea74a471d9b45d94402298988d827
11dbe272c75ad8dda9fe66062f761ad0a978c350
ddcf2de56e0fa45e50b45bb021a7b212ddf1ba5a108a849df04ad109809913bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4996
x-amzn-requestid: ac93701b-5591-447b-abcd-6dd7c8236d63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1EmIoAMFUyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-62984f247ab5233275eefc7f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vGYoBLRpnjjxEKkZe8ZJKTn-fPpiKwyvQqUUujW3Ro0cO2R__q-OAg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
age: 23120
etag: "11dbe272c75ad8dda9fe66062f761ad0a978c350"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a483cb4f5948987ff2fa6be8d8f3c4ab
3b36c020f5fc38693ac159e5747518a3234ba8cc
a1c33278142371a168ca50aff0c5dc887461a9c83251e397d45c957c7cf788e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6042
x-amzn-requestid: f28e5f64-3737-455c-accc-86a37dfef4b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPeXHUKoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f8e-20a6aba25e200ff41c6dab91;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bLltF1-sTeAt9wHZVQTsbPQRRw8yteYRgK9XPUmhO3jMLcywS_bYDQ==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:29:46 GMT
age: 78301
etag: "3b36c020f5fc38693ac159e5747518a3234ba8cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 16279
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac15b0561874b0e98a14d037e06dc444
38197764b12e149806126e8a187b0571630d5b26
b4e8ca67dc3e119e2a41d1a362641a1354d5ef68ad18eaa4383e82d38d3c0399
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8169
x-amzn-requestid: a3054dff-b0dd-43cb-ade7-7ec1df6e672f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPWH4DoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2e-788f6fdd1a5e024259e58d80;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iZ_LKVuzrzJhdZsN8aG3wj7mtI2Bcx490Jx8g6KJ_nSMBgBFwIiXQw==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:08 GMT
age: 23019
etag: "38197764b12e149806126e8a187b0571630d5b26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 23120
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94556ef834fbd97092ea3e546fece90d
3f75442d8577c6272b9a3fdf2c5d1305c5e02703
0e49c3b246f4f999404e408e5326c636584f18ddaeec4ff50ffdd74ad48b9dd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10454
x-amzn-requestid: 3c95e941-d127-43a5-a338-7fff4e751367
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfcG82IAMF2JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f95-4dde51fa769890d057216cfa;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9SmDwSJvrZtLjFHfJaAyU400NiFVaBvpQhBGte0ghHYwc2UGj-rT6g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:46:19 GMT
age: 70108
etag: "3f75442d8577c6272b9a3fdf2c5d1305c5e02703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=533038&h=4&m=14&s=45&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&_id=5b95f3d551d6c716&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=Kcf2Tz&pf_net=436&pf_srv=49&pf_tfr=32&pf_dm1=717
91.223.82.61204 No Response 0 B URL HTTP/1.1 track.enigmacdn.com/matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=533038&h=4&m=14&s=45&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&_id=5b95f3d551d6c716&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=Kcf2Tz&pf_net=436&pf_srv=49&pf_tfr=32&pf_dm1=717
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=PUBG%20MOBILE%20Generator%20Online&idsite=1&rec=1&r=533038&h=4&m=14&s=45&url=https%3A%2F%2Fgaminghelper.co%2Fapp%2F1330123889%2Fpubg-90-uc-game-hack&_id=5b95f3d551d6c716&_idn=1&_refts=0&send_image=0&cookie=1&res=1280x1024&pv_id=Kcf2Tz&pf_net=436&pf_srv=49&pf_tfr=32&pf_dm1=717 HTTP/1.1
Host: track.enigmacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://gaminghelper.co
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Response
Server: nginx
Date: Sat, 03 Dec 2022 04:14:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/8.0.8RC1
Access-Control-Allow-Origin: https://gaminghelper.co
Access-Control-Allow-Credentials: true
gaminghelper.co/img/cf/Czech-Republic.png
91.223.82.61200 OK 1.7 kB URL HTTP/1.1 gaminghelper.co/img/cf/Czech-Republic.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash a42f43abb39ae89c6d8fc4e32d82c9db
bd6199e8baf1886592d04b85d35e9455e6bb20fd
3fb0821137e44562ed77147e2da4137738c64120a859438baea07c8e71b2da98
Analyzer Verdict Alert quad9 Sinkholed
GET /img/cf/Czech-Republic.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :); HstCfa4515739=1670040884930; HstCla4515739=1670040884930; HstCmu4515739=1670040884930; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; _pk_id.1.166e=5b95f3d551d6c716.1670040885.; _pk_ses.1.166e=1; timePosted11Cookie=211779; timePosted22Cookie=159059; timePosted33Cookie=103613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:49 GMT
Content-Type: image/png
Content-Length: 1716
Last-Modified: Fri, 03 Sep 2021 06:32:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c170-6b4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/cf/Georgia.png
91.223.82.61200 OK 1.5 kB URL HTTP/1.1 gaminghelper.co/img/cf/Georgia.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 5eb68f589d8843e14c064340666d5dc9
ed7a4b513439b28fd3680d9a9a290aedb940fd6f
e2ac376415e7796a7a2a6d74ed15ed2c6909e175554aeb2954b36b0c598952fe
Analyzer Verdict Alert quad9 Sinkholed
GET /img/cf/Georgia.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :); HstCfa4515739=1670040884930; HstCla4515739=1670040884930; HstCmu4515739=1670040884930; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; _pk_id.1.166e=5b95f3d551d6c716.1670040885.; _pk_ses.1.166e=1; timePosted11Cookie=214779; timePosted22Cookie=162059; timePosted33Cookie=106613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:51 GMT
Content-Type: image/png
Content-Length: 1473
Last-Modified: Fri, 03 Sep 2021 06:32:23 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c177-5c1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/cf/Morocco.png
91.223.82.61200 OK 1.6 kB URL HTTP/1.1 gaminghelper.co/img/cf/Morocco.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 55771e017c0abf4568575f472c4e0f75
0291717398720cae58861a2b58202d01a9299878
bffc3e0712629d2d5be93efe98a0bea7a0b5db9de81c5ad652378b3a65aa928d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/cf/Morocco.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :); HstCfa4515739=1670040884930; HstCla4515739=1670040884930; HstCmu4515739=1670040884930; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; _pk_id.1.166e=5b95f3d551d6c716.1670040885.; _pk_ses.1.166e=1; timePosted11Cookie=215779; timePosted22Cookie=163059; timePosted33Cookie=107613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:53 GMT
Content-Type: image/png
Content-Length: 1595
Last-Modified: Fri, 03 Sep 2021 06:32:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c18e-63b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
gaminghelper.co/img/cf/Italy.png
91.223.82.61200 OK 1.2 kB URL HTTP/1.1 gaminghelper.co/img/cf/Italy.png
IP 91.223.82.61:0
ASN #199968 Iws Networks LLC
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash df891e228f93d4bf850386971dbe38f8
ca7a98f4f88db0871cdfc6f7311137e71491479a
6dfa36808c40ce49318230061806936c68a7626797102bbfd182d024d2b26c3a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/cf/Italy.png HTTP/1.1
Host: gaminghelper.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/app/1330123889/pubg-90-uc-game-hack
Cookie: username1Cookie=Abelardo; username2Cookie=Giselda Capon; username3Cookie=Eliano Fallaci; comment1Cookie=this is legit website ..; comment2Cookie=This trick is amazing . thanks a lot dude!!!! WORKS like a charm!!! .. :3; comment3Cookie=thank you admin! 600000 Cash! :); HstCfa4515739=1670040884930; HstCla4515739=1670040884930; HstCmu4515739=1670040884930; HstPn4515739=1; HstPt4515739=1; HstCnv4515739=1; HstCns4515739=1; _pk_id.1.166e=5b95f3d551d6c716.1670040885.; _pk_ses.1.166e=1; timePosted11Cookie=216779; timePosted22Cookie=164059; timePosted33Cookie=108613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 04:14:54 GMT
Content-Type: image/png
Content-Length: 1189
Last-Modified: Fri, 03 Sep 2021 06:32:30 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6131c17e-4a5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
downloadlocked.com/cl/js/114v1
23.22.126.183200 OK 0 B URL HTTP/2 downloadlocked.com/cl/js/114v1
IP 23.22.126.183:0
GET /cl/js/114v1 HTTP/1.1
Host: downloadlocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 04:14:46 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Iml3ZUNHNGNCejF6cFpyYVFIRVdGdUE9PSIsInZhbHVlIjoiNE1RcmpTcTlKdmlacXYyRGdrcEtRZU8yQlM1MWJOZmZubzFPbVdMSEE4M2w0SVVNRkNFNEY5WWFzZzRyWWhZemZlbGhvVzNEYU9MN0RQS3h1TGszaWlieTdkaS9ZSnZVV2JLZWpoSFFVTlBQWVBvajdHLzgxejRTMGd3TWRHSlgiLCJtYWMiOiI5MmM1OGRhZmFmZDE3ZjNmMjUwMjJhNTRhODhkYTM3NDIwYWFhOThkMzg3MzM2YzVhMzU5YWVkOTEwOWVhMGU2IiwidGFnIjoiIn0%3D; expires=Sun, 04 Dec 2022 00:14:46 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6IjFLTzFvWHU4MkRteitVa1NlczhJT3c9PSIsInZhbHVlIjoiRWNxZnQ5YVhKZzNocXpsMlVPczRiQnhlNSt0bzhmUGtsSnRLclZsYU9jWTFGNWhWbkNud3NXWWpOdGhja3pFM2Q2TEM1YWNSNm5aUHpRdHRheHVrcUNNOGRhUUJxNEEwblpHM2JZTVZQemR3NGoyYlBoVjgvTkJiL0p3bHkzKzkiLCJtYWMiOiI0ZmIwNTkyODQ2MzJmYWFjZjgwYWMxYWYxMTBiYWMwNmJkNzM2MGRjYTA5Y2FlM2RiNmYwZTkzNjNjY2Y2OTA2IiwidGFnIjoiIn0%3D; expires=Sun, 04 Dec 2022 00:14:46 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 04:14:46 GMT
date: Sat, 03 Dec 2022 04:14:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.174200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.174:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaminghelper.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 04:14:46 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+372; expires=Mon, 02-Dec-2024 04:14:46 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2